Ansible Automation Setup and Usage Guide

Ansible is a Python-based automation tool that enables parallel execution of tasks across remote systems without requiring agents on managed nodes. Communication occurs over SSH, and no additional services need to be running on either control or managed nodes.

Prerequisites

Generate SSH Key Pair

Clear the known_hosts file to avoid host key conflicts:

> /root/.ssh/known_hosts

Generate an SSH key pair without a passphrase and without interactive prompts:

ssh-keygen -f /root/.ssh/id_rsa -N ""

Distribute Public Key

Install sshpass for non-interactive password authentication:

yum -y install sshpass

Copy the public key to target hosts while bypassing host key checking:

sshpass -p123123 ssh-copy-id -o StrictHostKeyChecking=no root@x.x.x.x

For non-standard SSH ports:

sshpass -ppasswd ssh-copy-id -o StrictHostKeyChecking=no -p1231 root@x.x.x.x

Automation Scripts

Create a script to automate key generation and distribution:

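#!/bin/bash
# Remove any existing RSA key pair so ssh-keygen does not prompt to overwrite
rm -f /root/.ssh/id_rsa*
ssh-keygen -f /root/.ssh/id_rsa -N ""

# Push the public key to each target host (last octet of the address)
for ip in 31 41 7; do
  sshpass -p123123 ssh-copy-id -o StrictHostKeyChecking=no root@x.x.x.$ip
done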

Create a verification script:

#!/bin/bash
if [ $# -ne 1 ]; then
  echo "Usage: $0 <command>"
  exit 1
fi

for ip in 2; do
  echo "===== info x.x.x.$ip ====="
  ssh x.x.x.$ip "$1"
  echo ""
done

Run with:

bash /script/check.sh hostname

Installation and Module Testing

Install Ansible

With the EPEL repository enabled, install Ansible on the control node:

yum -y install ansible

On managed nodes with SELinux enabled, install:

yum -y install libselinux-python

Configure inventory in /etc/ansible/hosts:

[web]
x.x.x.31 ansible_user=root ansible_password=123123
x.x.x.41 ansible_user=root ansible_password=123123

[ops]
x.x.x.7

Test connectivity:

ansible ops -m command -a "hostname"
ansible x.x.x.7 -m command -a "hostname" -k  # prompts for password
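
The key distribution script and the inventory above put passwords on the command line (sshpass -p) and in /etc/ansible/hosts (ansible_password), and turn off host key verification. The following check is an added example, not part of the original guide: it flags those three patterns in scripts and inventories and shows a variant that passes. The sample files are constructed, /root/.ssh/bootstrap.pass is a hypothetical path, and StrictHostKeyChecking=accept-new assumes OpenSSH 7.6 or later.

```shell
#!/bin/bash
# Added example (not from the original guide): audit provisioning scripts and
# Ansible inventories for the credential-handling patterns used on this page.

audit_file() {
  # Print "file:line:RULE" for each finding in the file given as $1.
  awk -v f="$1" '
    /^[ \t]*#/ { next }    # ignore comment lines
    /sshpass[ \t]+-p/ { print f ":" NR ":SSHPASS_INLINE_PASSWORD" }
    /StrictHostKeyChecking[= ]no/ { print f ":" NR ":HOSTKEY_CHECK_DISABLED" }
    /ansible_(ssh_)?pass(word)?[ \t]*=/ { print f ":" NR ":INVENTORY_PLAINTEXT_PASSWORD" }
  ' "$1"
}

count_findings() { audit_file "$1" | wc -l | tr -d ' '; }

# Constructed sample inputs: the patterns from this page and a hardened variant.
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/push_keys.sh" <<'EOF'
#!/bin/bash
for ip in 31 41 7; do
  sshpass -p123123 ssh-copy-id -o StrictHostKeyChecking=no root@x.x.x.$ip
done
EOF
cat > "$SAMPLES/hosts" <<'EOF'
[web]
x.x.x.31 ansible_user=root ansible_password=123123
x.x.x.41 ansible_user=root ansible_password=123123
[ops]
x.x.x.7
EOF
cat > "$SAMPLES/push_keys_hardened.sh" <<'EOF'
#!/bin/bash
# Password is read from a root-only file (hypothetical path); new host keys are
# pinned on first contact and a changed key is rejected (OpenSSH 7.6+).
for ip in 31 41 7; do
  sshpass -f /root/.ssh/bootstrap.pass ssh-copy-id -o StrictHostKeyChecking=accept-new root@x.x.x.$ip
done
EOF

for f in "$SAMPLES"/*; do audit_file "$f"; done
```

Running audit_file over a repository of scripts and inventories before they are deployed gives one line per finding, so an empty result can gate a merge or a scheduled run.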

Core Modules

command

Executes commands but does not support shell operators (|, >, ;).

ansible x.x.x.7 -m command -a "chdir=/tmp pwd"
ansible x.x.x.7 -m command -a "creates=/etc/hosts hostname"  # skips if file exists

shell

Supports full shell syntax:

ansible x.x.x.7 -m shell -a "ls; pwd"

script

Runs a local script on remote hosts:

# /script/install_keepalived.sh
#!/bin/bash
yum -y install keepalived

ansible x.x.x.7 -m script -a "/script/install_keepalived.sh"

copy and file

Copy files and manage attributes:

ansible x.x.x.7 -m copy -a "src=/tmp/file01.txt dest=/tmp/ backup=yes"
ansible x.x.x.7 -m file -a "dest=/tmp/file01.txt owner=elk group=elk mode=600"
ansible x.x.x.7 -m file -a "dest=/tmp/newfile state=touch"
ansible x.x.x.7 -m file -a "dest=/tmp/newdir state=directory"

yum

Manage packages:

ansible x.x.x.7 -m yum -a "name=iftop state=installed"
ansible x.x.x.7 -m yum -a "list=iftop"  # shows install status

service

Control system services:

ansible x.x.x.7 -m service -a "name=firewalld state=started enabled=no"

cron

Manage scheduled jobs:

# Add with unique name to prevent duplication
ansible x.x.x.7 -m cron -a "name=backup_job minute=0 hour=2 job='/scripts/backup.sh >/dev/null 2>&1'"

# Disable (comment out)
ansible x.x.x.7 -m cron -a "name=backup_job disabled=yes job='/scripts/backup.sh >/dev/null 2>&1'"

# Remove
ansible x.x.x.7 -m cron -a "name=backup_job state=absent"

Playbook Execution

Store playbooks in a dedicated directory:

mkdir -p /etc/ansible/playbooks
touch /etc/ansible/playbooks/deploy.yaml

Run in check mode (dry-run):

ansible-playbook -C /etc/ansible/playbooks/deploy.yaml

Execute normally:

ansible-playbook /etc/ansible/playbooks/deploy.yaml

Tags: Ansible automation devops ssh playbooks

Posted on Sun, 31 May 2026 19:35:32 +0000 by ndjustin20